engine.py 文件源码

python
阅读 25 收藏 0 点赞 0 评论 0
项目:OWASP-Nettacker 作者: viraintel 项目源码 文件源码 
def check(target, user_agent, timeout_sec, log_in_file, language, time_sleep, thread_tmp_filename, retries,
          http_method, socks_proxy):
    _HOST = messages(language, 53)
    _USERNAME = messages(language, 54)
    _PASSWORD = messages(language, 55)
    _PORT = messages(language, 56)
    _TYPE = messages(language, 57)
    _DESCRIPTION = messages(language, 58)
    status_codes = [200, 401, 403]
    directory_listing_msgs = ["<title>Index of /", "<a href=\"\\?C=N;O=D\">Name</a>", "Directory Listing for",
                              "Parent Directory</a>", "Last modified</a>", "<TITLE>Folder Listing.",
                              "- Browsing directory "]
    time.sleep(time_sleep)
    try:
        if socks_proxy is not None:
            socks_version = socks.SOCKS5 if socks_proxy.startswith('socks5://') else socks.SOCKS4
            socks_proxy = socks_proxy.rsplit('://')[1]
            socks.set_default_proxy(socks_version, str(socks_proxy.rsplit(':')[0]), int(socks_proxy.rsplit(':')[1]))
            socket.socket = socks.socksocket
            socket.getaddrinfo = getaddrinfo
        n = 0
        while 1:
            try:
                if http_method == "GET":
                    r = requests.get(target, timeout=timeout_sec, headers=user_agent, verify=True)
                elif http_method == "HEAD":
                    r = requests.head(target, timeout=timeout_sec, headers=user_agent, verify=True)
                content = r.content
                break
            except:
                n += 1
                if n is retries:
                    warn(messages(language, 106).format(target))
                    return 1
        if version() is 3:
            content = content.decode('utf8')
        if r.status_code in status_codes:
            info(messages(language, 38).format(target, r.status_code, r.reason))
            thread_write = open(thread_tmp_filename, 'w')
            thread_write.write('0')
            thread_write.close()
            save = open(log_in_file, 'a')
            save.write(json.dumps({_HOST: target_to_host(target), _USERNAME: '', _PASSWORD: '',
                                   _PORT: int(target.rsplit(':')[2].rsplit('/')[0]), _TYPE: 'dir_scan',
                                   _DESCRIPTION: messages(language, 38).format(target, r.status_code,
                                                                               r.reason)}) + '\n')
            save.close()
            if r.status_code is 200:
                for dlmsg in directory_listing_msgs:
                    if dlmsg in content:
                        info(messages(language, 104).format(target))
                        save = open(log_in_file, 'a')
                        save.write(json.dumps({_HOST: target_to_host(target), _USERNAME: '', _PASSWORD: '',
                                               _PORT: int(target.rsplit(':')[1].rsplit('/')[0]), _TYPE: 'dir_scan',
                                               _DESCRIPTION: messages(language, 104).format(target)}) + '\n')
                        save.close()
                        break
        return True
    except:
        return False
您未登录,请先登录后再评论
评论列表
文章目录


问题


面经


文章

微信
公众号

扫码关注公众号